227048a0c894cd45929e74adb743e6552a98b6ddced5aa1ffaa6731e545b7b2c

Sharing

Copy URL Twitter E-mail

General

Target

227048a0c894cd45929e74adb743e6552a98b6ddced5aa1ffaa6731e545b7b2c
Size

72KB
MD5

5e2544cd264f13c9d36481154aa213ac
SHA1

54cf0fd4df9d1394993c8a33809ea1a918a42cf2
SHA256

227048a0c894cd45929e74adb743e6552a98b6ddced5aa1ffaa6731e545b7b2c
SHA512

3eae3f0107e1014f5b73bdc7b726a84e3996be2693224c98e030b4f5eb9736eda77b3464109bfe7d6b83a075528f6d8510de09ed155350a48ce3e0e9622ada26
SSDEEP

768:5yUZI/Fz4356wqY0MiRGfhEq9PiThanphnp1edDB3MmlsjGNMoSV6x2tV7QySzVe:HCtPXMiMJPiF8Lnp1eFl02JS82EBV3

Score

N/A

Malware Config

Signatures

Files

227048a0c894cd45929e74adb743e6552a98b6ddced5aa1ffaa6731e545b7b2c
.dll windows x86

a22ffb6066f3685cb3a71075a0999915

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
EnterCriticalSection
HeapFree
InterlockedExchange
GetProcAddress
GetModuleFileNameA
lstrlenW
VirtualProtect
LoadLibraryA
MapViewOfFile
lstrcatW
CreateMutexA
CreateFileMappingA
UnmapViewOfFile
InitializeCriticalSection
CreateThread
CreateDirectoryA
lstrlenA
GetSystemTimeAsFileTime
CreateProcessA
MoveFileExA
ReleaseMutex
GetBinaryTypeW
HeapLock
GetLongPathNameW
CreateConsoleScreenBuffer
GlobalGetAtomNameA
GetConsoleScreenBufferInfo
GetAtomNameW
SetProcessWorkingSetSize
OpenSemaphoreW
SetNamedPipeHandleState
lstrcmpiW
GetLocaleInfoA
FindNextChangeNotification
GetSystemPowerStatus
CreateProcessW
GetProfileStringA
GetStartupInfoA
FlushViewOfFile
SetComputerNameA
GetCurrentThreadId
BindIoCompletionCallback
GlobalGetAtomNameW
IsValidLanguageGroup
LocalReAlloc
CreatePipe
AddAtomW
CreateMailslotW
OpenJobObjectW
SetErrorMode
GetFullPathNameW
WaitForSingleObjectEx
GetFileSizeEx
LCMapStringW
FindResourceExA
GetDiskFreeSpaceW
GlobalMemoryStatusEx
GetModuleHandleExW
PulseEvent
EnumSystemLocalesA
LockFile
VerSetConditionMask
GetVolumePathNameW
TerminateThread
UnregisterWaitEx
EnumUILanguagesW
SwitchToThread
RemoveDirectoryW
GetThreadTimes
FileTimeToDosDateTime
GetTapeParameters
FindAtomW
CopyFileExW
ChangeTimerQueueTimer
GetCurrentProcess
AllocConsole
HeapSize
VirtualUnlock
FindCloseChangeNotification
GetFileAttributesExW
WriteFileEx
lstrcatA
GlobalDeleteAtom
GetSystemWindowsDirectoryA
SetCurrentDirectoryA
GetHandleInformation
CreateEventA
UpdateResourceA
GetStdHandle
WaitForMultipleObjectsEx
DeleteTimerQueueEx
FreeLibraryAndExitThread
OpenMutexA
FindFirstVolumeMountPointW
FindFirstChangeNotificationW
WriteConsoleA
SetFileTime
HeapCreate
GetExitCodeProcess
HeapReAlloc
GetCurrentDirectoryA
GetSystemDefaultLangID
GetVersion
RegisterWaitForSingleObjectEx
SetCurrentDirectoryW
CreateToolhelp32Snapshot
CreateTimerQueue
GetSystemWow64DirectoryW
GetTempPathW
SetFilePointerEx
GetTimeZoneInformation
OpenSemaphoreA
GlobalFlags
TryEnterCriticalSection
HeapWalk
lstrcpynW
GetModuleFileNameW
GetLocalTime
SetHandleInformation
FindResourceW
FindFirstFileExW
SetConsoleTextAttribute
ResetEvent
CancelIo
EnumResourceLanguagesA
SearchPathW
GlobalAddAtomA
LocalFlags
GetTempFileNameA
GetCurrentDirectoryW
SetEvent
GlobalAlloc
FillConsoleOutputAttribute
CancelWaitableTimer
UnregisterWait
LoadResource
IsBadWritePtr
GetCommandLineA
GetThreadPriority

ole32

RegisterDragDrop
StgOpenStorageEx
OleRun
CoUnmarshalInterface
StgOpenStorage
CoFileTimeNow
OleInitialize
OleSaveToStream
OleCreateFromFile
CreateGenericComposite
CreateItemMoniker
OleUninitialize
OleQueryLinkFromData
CoLockObjectExternal
CreateOleAdviseHolder
CreatePointerMoniker
StringFromGUID2
BindMoniker
StgIsStorageFile
OleLockRunning
CreateBindCtx
CoRevertToSelf
CoQueryProxyBlanket
MkParseDisplayName
OleLoad
CoGetMarshalSizeMax
CoMarshalInterface
CoFreeUnusedLibrariesEx
GetHGlobalFromILockBytes
CreateAntiMoniker
SetConvertStg
CoImpersonateClient
CoInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree

shlwapi

wnsprintfA
StrCatBuffA
PathIsNetworkPathW
StrCmpNW
PathCreateFromUrlW
UrlIsW
PathGetDriveNumberW
StrStrA
PathIsRelativeW
PathFindNextComponentW
PathFindFileNameA
PathAppendW
SHSetValueA
UrlCreateFromPathW
UrlCanonicalizeW
SHGetValueW
SHRegSetPathW
PathFindExtensionW
AssocQueryStringW
PathRemoveArgsW
PathIsRootW
StrChrIW
PathCanonicalizeW
PathAddExtensionW
StrRChrW
StrCatW
SHStrDupW
StrToIntA
StrFormatByteSizeW
SHRegGetValueW
PathIsDirectoryW
SHRegGetBoolUSValueW
StrStrIW
StrStrIA
StrNCatW

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a22ffb6066f3685cb3a71075a0999915

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 952B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 952B

.reloc
Size: 4KB - Virtual size: 1KB